patch: KDC default referral feature
Greg Hudson
ghudson at MIT.EDU
Wed Jan 2 12:26:37 EST 2013
On 01/02/2013 11:16 AM, Richard Silverman wrote:
> I submitted a pull request to the MIT Kerberos GitHub repository 12 days
> ago:
> https://github.com/krb5/krb5/pull/9
Thanks for submitting this. I've redirected this thread to
krbdev at mit.edu, which is for discussing MIT krb5 development.
kerberos at mit.edu is for discussing usage of Kerberos 5 and isn't
specific to the MIT krb5 implementation.
I did glance at this when you sent it in, but we haven't had a chance to
discuss it as a team. While we very much appreciate any contribution,
we have a number of requirements for accepting new features, some of
which are documented at:
http://k5wiki.kerberos.org/wiki/Contributing_code
The most important requirement is an evaluation of whether we want the
new feature at all, or want it with design changes. Our process for
this is to have a write-up of the proposal as a "project page" on the
wiki and discuss it on this list. Personally, I have some concerns that
this feature is too specific within the general space of producing realm
referrals, and carries too great a risk of causing referral loops. (I'm
also not sure why you can't get almost all of the desired behavior with
the existing [domain_realm] referral support.)
A second requirement is that we only apply new changes to master, not to
a release branch. Both the KDC code and our documentation source format
have changed significantly since 1.10.
We would also require a new change like this to have automated tests.
More information about the krbdev
mailing list